NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0561:  Signature verification update

Publication Date
2021.01.15

Protection Profiles
PP_APP_v1.3

Other References
FPT_TUD_EXT.1.4, FPT_TUD_EXT.2

Issue Description

A conflict arises between FPT_TUD_EXT.1.4 and FPT_TUD_EXT.1.5 when “with the platform OS” is selected in FPT_TUD_EXT.1.5.

FPT_TUD_EXT.1.4 states “The application installation package and its updates shall be digitally signed such that its platform can cryptographically verify them prior to installation.
Application Note: The specifics of the verification of installation packages and updates involves requirements on the platform (and not the application), so these are not fully specified here.”

It is not clear how to satisfy this SFR when the installation package contains the TOE platform (the OS) within itself (i.e. when the TOE is distributed “with the platform OS”).

Resolution

FPT_TUD_EXT.1.4 is updated as follows, with strikethroughs denoting deletion and underlines denoting additions:

FPT_TUD_EXT.1.4 The aApplication installation package and its updates shall be digitally signed such that its the application platform can cryptographically verify them prior to installation.

Application Note: The specifics of the verification of installation packages and updates involves requirements on the platform (and not the application), so these are not fully specified here.

Evaluation Activity

TSS

The evaluator shall verify that the TSS identifies how the application installation package and updates to it the application are signed by an authorized source. The definition of an authorized source must be contained in the TSS. The evaluator shall also ensure that the TSS (or the operational guidance) describes how candidate updates are obtained.

Guidance

None.

Tests

None.

FPT_TUD_EXT.2.3 is added to FPT_TUD_EXT.2 in Appendix B:

FPT_TUD_EXT.2.3 The application installation package shall be digitally signed such that its platform can cryptographically verify them prior to installation.

Application Note: The specifics of the verification of installation packages involves requirements on the platform (and not the application), so these are not fully specified here.

Evaluation Activity

TSS

The evaluator shall verify that the TSS identifies how the application installation package is signed by an authorized source. The definition of an authorized source must be contained in the TSS. 

Guidance

None.

Tests

None.

 

 

Justification

FPT_TUD_EXT.1.4 should apply only to updates and FPT_TUD_EXT.2 should cover the digital signing of the installation package when  "as an additional software package to the OS" is selected in FPT_TUD_EXT.1.5.

 
 
Site Map              Contact Us              Home